Cryptocurrency Mining Threats Jump 80% In 2018 2nd Quarter: McAfee

Cybersecurity firm McAfee Labs recently released its Threats Report September 2018, the latest version of its quarterly report on the status of malware on the internet. The report highlighted the rise of cryptocurrency mining, cryptocurrency attacks, and vulnerabilities in blockchain technology, and said new cryptocurrency miner threats — using mining malware to hijack systems without the victims' (owner of the computer) consent or awareness — surged by 80 percent from the first three months of 2018 to the April-June quarter.

A related report by McAfee Labs, titled Blockchain Threat Report, gave more detail and said cybercriminals were targeting specific groups for illegal mining rather than using a "blanket approach." The report also cited an example of a malicious miner which was injected on a Russian forum in October 2017, targeting gamers with the malware hidden as a “mod” to enhance popular games. Gamers were deceived into downloading the malicious software, which used their computer resources for mining.

The cybersecurity company also noted that cryptocurrency mining malware had increased by 630 percent in the first quarter of 2018 as compared to ransomware attacks — malicious software that threatens to publish the victim's data or block access to it unless a ransom is paid — which declined by 32 percent, over the preceding quarter.

"Due to the increasing popularity of cryptocurrencies, the blockchain revolution is in full swing. Cybercriminals have also found new angles including illegal coin mining and theft leading to profits," the report said.

Even as prices of cryptocurrencies have depreciated in 2018, especially in the first few months — bitcoin prices fell up to 68 percent in just two months, from $19,450 in December to $6,207 in February — the popularity of mining these coins continued to rise.

The Blockchain Threat Report advised users to update software and patches — fixing security vulnerabilities and other bugs — since they are most susceptible to be exploited by hackers.

“It can be costly and time consuming for bad actors to write their own malware. Rather than research and write their own exploits, many malware authors choose publicly disclosed exploits and known vulnerabilities, assuming that a significant number of machines remain unpatched and open for attack.”

The report cited examples of other instances where vulnerabilities in the system paved the way for cybercriminals to exploit flaws. The Verge development team in early April was ill-equipped to deal with the many vulnerabilities in its implementation when it was attacked. The attackers used several vulnerabilities on Verge’s blockchain to make vast quantities of cryptocurrencies from freshly mined blocks to mine new coins without spending any mining power. This attack at the time increased Verge’s transaction volume significantly, exceeding $350 million in 24-hour trading volume.

To prevent crypto mining malware, browsers like Chrome and Opera have introduced features to block mining scripts. The features Opera introduced in January also prevent smartphones from being used by the attackers to secretly mine cryptocurrencies.